package com.leftheart.config;


import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.LinkedHashMap;

@Configuration
public class ShiroConfig {
    //ShiroFilerFactoryBean
    @Bean
   public ShiroFilterFactoryBean getShiroFilterFactoryBean(@Qualifier("securityManager") DefaultWebSecurityManager defaultWebSecurityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
//        设置安全管理器

        factoryBean.setSecurityManager(defaultWebSecurityManager);

//        添加shiro的内置过滤器
        /*
        * anon:无需认证即可访问
        * authc:必须认证才能访问
        * user:必须拥有 记住我 才能访问
        * perms:拥有对某个资源的权限才能访问
        * role:拥有某个角色访问权限才能访问
        * */

        //拦截
        HashMap<String, String> filterMap = new LinkedHashMap<>();
        filterMap.put("/books/**","authc");
        filterMap.put("/update/**","anon");
        filterMap.put("/users/**","authc");
        filterMap.put("/rental/**","authc");


//        filterMap.put("/user/update","authc");


//        授权  对user:add进行授权
//        filterMap.put("/user/add","perms[user:add]");
//        filterMap.put("/user/update","perms[user:update]");
//        filterMap.put("/user/*","authc");

        factoryBean.setFilterChainDefinitionMap(filterMap);
//        设置登录的请求
        factoryBean.setLoginUrl("/go/tologin");
//        factoryBean.setUnauthorizedUrl("/unauth");

        return factoryBean;
    }


    //DefaultWebSecurityManager
    @Bean(name="securityManager")
    public DefaultWebSecurityManager getDefaultWebSecurityManager(@Qualifier("userRealm") com.leftheart.config.UserRealm userRealm){
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        关联Realm
        securityManager.setRealm(userRealm);
        return securityManager;
    }
    //    创建Realm对象 自定义类
    @Bean
    public UserRealm userRealm(){
        return new UserRealm();
    }

    //    ShiroDialect 用来整合shiro thymleaf
    @Bean
    public ShiroDialect getShiroDialect(){
        return new ShiroDialect();

    }

    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
        // 使用md5 算法进行加密
        hashedCredentialsMatcher.setHashAlgorithmName("md5");
        // 设置散列次数： 意为加密几次
        hashedCredentialsMatcher.setHashIterations(2);

        return hashedCredentialsMatcher;
    }
    @Bean
    public UserRealm myShiroRealm(){
        UserRealm myShiroRealm = new UserRealm();
        // 配置 加密 （在加密后，不配置的话会导致登陆密码失败）
        myShiroRealm.setCredentialsMatcher(hashedCredentialsMatcher());
        System.out.println("myShiroRealm 注入成功");
        return myShiroRealm;
    }



}
